Spam is an unsolicited message sent to a recipient. Email spam is well-known and used to advertise products and for other purposes. Spam can also be sent by other types of media, for example, instant messaging, Short Messaging Service (SMS) messages, mobile phone messaging and so on. It is difficult to catch a person or organization sending spam, as they can quickly move their operations. Efforts are therefore made to prevent spam from being received.
A common use of spam is in a so-called “phishing” attack. It is commonplace for financial institutions such as banks to offer financial services over the Internet to their customers. Criminals are keen to exploit the way that the banks provide these services by using the Internet to commit fraud. One of the most common methods employed by criminals is known as the “phishing” attack
A phishing attack typically involves an “attacker” sending a spam email message claiming to be from a bank and requesting the recipient to submit sensitive account information for some purpose. Alternatively, the recipient may be asked to click on a link within the spam email message, where the link leads to a malicious website operated by the attacker that is designed to look like a legitimate bank website. The recipient is thus fooled into entering sensitive information
One way to prevent spam from being delivered to an intended recipient is to analyse the “reputation” of the sender, and determine whether or not an email message from that sender is likely to be spam. FIG. 1 shows an example network architecture. A sender 1 of spam sends a spam email message towards a recipient 2. In reality, spam is typically sent to many recipients, but only one is shown in this example. The spam email message is routed via a server 3 in a network 4. The IP address of the sender is checked against a blacklist of IP addresses in a database 5. If the sender is known to send spam, and therefore provisioned in the database 5, then appropriate action is taken to prevent the spam email message from being sent on to the intended recipient 2.
A problem with this approach is that it will not succeed if the sender of the spam email message does not have IP address that corresponds to one provisioned in the database 5. A further problem is that this will not prevent spam messages sent using media other than emails, such as SMS messages. The message will therefore be sent to the receiver 2 who will not be warned that the message is probably spam.
A further problem is that if the message is not detected as spam, and the spam email message includes a telephone number or email address for the recipient to contact, the user will not be alerted to the fact that the telephone number or email address are associated with a suspicious message.